CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

92 matches found

Open Web Analytics 1.7.3 - Remote Code Execution

Open Web Analytics OWA before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '?php instead of the intended "?php sequence aren't handled by the PH...

9.8CVSS7.3AI score0.93311EPSS

Exploits14References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2014-1287

Malware in sbrugna...

7.5CVSS6.1AI score0.01609EPSS

Exploits7References8

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2014-1533

Malware in sbrugna...

8.8CVSS8.8AI score0.00041EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2010-2680

Malware in sbrugna...

5CVSS6.4AI score0.05113EPSS

Exploits1References6

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2010-2681

Malware in sbrugna...

5.1CVSS6.4AI score0.03911EPSS

Exploits1References8

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2014-1532

Malware in sbrugna...

4.3CVSS8.6AI score0.0032EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2014-2332

Malware in sbrugna...

9.8CVSS9.5AI score0.04677EPSS

Exploits2References6

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-29208

Malicious code in bioql PyPI...

5CVSS6.5AI score0.00063EPSS

Exploits0References5

RedhatCVE•added 2025/09/17 12:49 a.m.•2 views

CVE-2025-59397

Open Web Analytics OWA before 1.8.1 allows owadb.php vvalue SQL injection...

5CVSS7.3AI score0.00063EPSS

Exploits0References1

OSV•added 2025/09/15 6:31 p.m.•2 views

GHSA-6W8R-XGQQ-QG6G Open Web Analytics Server is vulnerable to SQL Injection

Open Web Analytics OWA before 1.8.1 allows SQL injection...

5CVSS7.6AI score0.00063EPSS

Exploits0References8

Github Security Blog•added 2025/09/15 6:31 p.m.•3 views

Open Web Analytics Server is vulnerable to SQL Injection

Open Web Analytics OWA before 1.8.1 allows SQL injection...

5CVSS7.6AI score0.00063EPSS

Exploits0References8Affected Software1

Snyk•added 2025/09/15 4:44 p.m.•1 views

SQL Injection

Overview open-web-analytics/open-web-analytics is an open source analytics framework. Affected versions of this package are vulnerable to SQL Injection via the query process. An attacker can access sensitive information from the database by injecting crafted SQL statements. Remediation Upgrade...

6.9CVSS7.5AI score0.00063EPSS

Exploits0References2

NVD•added 2025/09/15 4:15 p.m.•3 views

CVE-2025-59397

Open Web Analytics OWA before 1.8.1 allows owadb.php vvalue SQL injection...

5CVSS0.00063EPSS

Exploits0References7

OSV•added 2025/09/15 4:15 p.m.•0 views

CVE-2025-59397

Open Web Analytics OWA before 1.8.1 allows owadb.php vvalue SQL injection...

5CVSS7.3AI score0.00063EPSS

Exploits0References7

Positive Technologies•added 2025/09/15 12:0 a.m.•4 views

PT-2025-37722

Name of the Vulnerable Software and Affected Versions Open Web Analytics versions prior to 1.8.1 Description Open Web Analytics OWA before version 1.8.1 is susceptible to SQL injection. Recommendations Update to version 1.8.1 or later...

5CVSS7AI score0.00063EPSS

Exploits0References14

CVE•added 2025/09/15 12:0 a.m.•7 views

CVE-2025-59397

CVE-2025-59397 concerns Open Web Analytics (OWA) prior to 1.8.1. The vulnerability is a SQL injection in the owa_db.php component via a v[value] input, impacting potentially data confidentiality as per the CVSS metrics (Confidentiality Impact: Low; no other impacts). Affected product/version: Ope...

5CVSS7AI score0.00063EPSS

Exploits0References7

CNNVD•added 2025/09/15 12:0 a.m.•0 views

Open Web Analytics Server SQL注入漏洞

Open Web Analytics Server is Open Web Analytics open source alternative for commercial web analytics tools such as Google Analytics. A SQL injection vulnerability exists in versions of Open Web Analytics Server prior to 1.8.1 that stems from vulnerability to SQL injection attacks...

5CVSS7.5AI score0.00063EPSS

Exploits0References7